Feeds

Google throws a bone to privacy watchdogs

Will keep your data for 18 months

Providing a secure and efficient Helpdesk

Google is cutting back the time it holds user-identifying data - a little. But will this be enough to placate privacy advocates?

The search giant is to scrub personally identifying information after 18 months, compared with the limit of 18 months to two years it set out in March.

Google's Global Privacy Counsel Peter Fleischer announced the revised policy in a June 10 letter addressed to the head of a European Union working group that recently called on Google to justify why it needed to store personally identifiable information for as long as two years. The Article 29 Data Protection Working Party had also requested Google provide more details about how it planned to anonymize data.

"After considering the Working Party's concerns, we are announcing a new policy: to anonymize our search server logs after 18 months, rather than the previously-established period of 18-to-24 months," Fleischer wrote in an accompanying blog entry. But lest Google critics take to spontaneous dancing in the streets, Fleischer warned "that future data retention laws may obligate us to raise the retention period to 24 months".

If it sounds like Google is tip-toeing through a mine field, it's because the company has come under fierce attack by privacy advocates. Recently, Privacy International, a UK-based privacy watchdog, ranked Google's privacy practices last among major internet service companies. And a chorus of critics have formally complained to the Federal Trade Commission that Google's proposed acquisition of DoubleClick, the biggest online ad server company, would create a repository of consumer information so vast it would be ripe for abuse by Google, its partners and government agents.

To hear Fleischer tell it, Google is walking the razor-thin line between security, innovation and compliance on the one side and privacy on the other. While a decision not to collect personal information at all would warm the hearts of even the most jaded privacy advocates, it would hamper other important objectives, he says. Among them is internet security and enforcement of child protection laws, which benefit from Google collecting IP numbers and tying them to specific searches.

And as if that wasn't enough, Fleischer says, Google as a global business has to comply with a patchwork of conflicting laws that span the globe. Complying with, say, a European law that mandates that personal information be "kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data were collected or for which they are further processed" may seem like a simple thing. But try telling that to the US goon squad enforcing Sarbanes Oxley, which requires Google "retain business records sufficient to establish adequate financial and other controls".

Food for thought, perhaps, but Kevin Bankston, a staff attorney at the Electronic Frontier Foundation remains skeptical that forces beyond Google's control mandate the storing of personal data for such a long period. By comparison, he says, AOL anonymizes searches after 30 days. He also criticizes Google for not explaining exactly what laws it believes requires it to store information for as long as 18 months.

Says Bankston: "The burden is on Google to demonstrate why that is the case. Considering the much shorter retention periods of competitors like AOL, I don't think they've met that burden." ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
HBO shocks US pay TV world: We're down with OTT. Netflix says, 'Gee'
This affects every broadcaster, every cable guy
Same old iPad? NO. The new 'soft SIMs' are BIG NEWS
AppleSIM 'ware to allow quick switch of carriers
Arab States make play for greater government control of the internet
Nerds told to get lost in last-minute power grab bid at UN meeting
iPhone 6 shunned by fanbois in Apple's GREAT FAIL of CHINA
Just 100 Beijing fanbois queue to pick up new mobe
Brits: Google, can you scrape 60k pages from web, pleeease
Hey, c'mon Choc Factory, it's our 'right to be forgotten'
Of COURSE Stephen Elop's to blame for Nokia woes, says author
'Google did have some unique propositions for Nokia'
It's even GRIMMER up North after MEGA SKY BROADBAND OUTAGE
By 'eck! Eccles cake production thrown into jeopardy
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.